Vulnerability Description
VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Vix Api | 1.0 |
| Linux | Linux Kernel | All versions |
| Vmware | Workstation | 6.5.0 |
Related Weaknesses (CWE)
References
- http://lists.vmware.com/pipermail/security-announce/2011/000131.htmlVendor Advisory
- http://secunia.com/advisories/43885Vendor Advisory
- http://secunia.com/advisories/43943Vendor Advisory
- http://securityreason.com/securityalert/8173
- http://securitytracker.com/id?1025270
- http://www.securityfocus.com/archive/1/517240/100/0/threaded
- http://www.securityfocus.com/bid/47094
- http://www.vmware.com/security/advisories/VMSA-2011-0006.htmlVendor Advisory
- http://www.vupen.com/english/advisories/2011/0816Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66472
- http://lists.vmware.com/pipermail/security-announce/2011/000131.htmlVendor Advisory
- http://secunia.com/advisories/43885Vendor Advisory
- http://secunia.com/advisories/43943Vendor Advisory
- http://securityreason.com/securityalert/8173
- http://securitytracker.com/id?1025270
FAQ
What is CVE-2011-1126?
CVE-2011-1126 is a vulnerability with a CVSS score of 6.9 (MEDIUM). VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library...
How severe is CVE-2011-1126?
CVE-2011-1126 has been rated MEDIUM with a CVSS base score of 6.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1126?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Vix Api, Linux Linux Kernel, Vmware Workstation.